/** * Assigns the given certificate to the given alias. * * <p>If the given alias already exists in this keystore and identifies a <i>trusted certificate * entry</i>, the certificate associated with it is overridden by the given certificate. * * @param alias the alias name * @param cert the certificate * @exception KeyStoreException if the given alias already exists and does not identify a * <i>trusted certificate entry</i>, or this operation fails for some other reason. */ public void engineSetCertificateEntry(String alias, Certificate cert) throws KeyStoreException { permissionCheck(); synchronized (entries) { Object entry = entries.get(alias.toLowerCase()); if ((entry != null) && (entry instanceof KeyEntry)) { throw new KeyStoreException("Cannot overwrite key entry with certificate"); } // This will be slow, but necessary. Enumerate the values and then see if the cert matches // the one in the trusted cert entry. // Security framework doesn't support the same certificate twice in a keychain. Collection<Object> allValues = entries.values(); for (Object value : allValues) { if (value instanceof TrustedCertEntry) { TrustedCertEntry tce = (TrustedCertEntry) value; if (tce.cert.equals(cert)) { throw new KeyStoreException( "Keychain does not support mulitple copies of same certificate."); } } } TrustedCertEntry trustedCertEntry = new TrustedCertEntry(); trustedCertEntry.cert = cert; trustedCertEntry.date = new Date(); String lowerAlias = alias.toLowerCase(); if (entries.get(lowerAlias) != null) { deletedEntries.put(lowerAlias, entries.get(lowerAlias)); } entries.put(lowerAlias, trustedCertEntry); addedEntries.put(lowerAlias, trustedCertEntry); } }